TITLE OF THE INVENTION 
STORAGE UNIT, INFORMATION PROCESSING APPARATUS, 
AND ACCESS CONTROL METHOD 



5 FIELD OF THE INVENTION 

The present invention relates to a portable 
storage unit such as a disk unit, an information 
processing apparatus which allows detaching the storage 
unit, and an eject control method for the storage unit 
10 in the information processing apparatus. 

BACKGROUND OF THE INVENTION 

In recent years, general disk units used by being 

inserted and connected to the slots of information 
15 processing apparatuses such as a personal computer are 

rapidly developed to a smaller size, higher speed, more 

advanced functions, larger capacity, and lower cost. 

At present, 1.8" and 2.5" memory card type disk units 

are commercially available. As the disk unit 
20 interface, standard interfaces such as SCSI, PCMCIA, 

and IDE have been spread. Any user can mount a disk 

unit in a host apparatus and use it. 

The storage capacity of the disk unit increases 

year by year. For example, even a 2.5" disk unit will 
25 soon reach a storage capacity of 100 GB. The storage 

capacity of a file server class several years ago can 

be easily carried by a compact disk unit. Such 
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large -capacity disk unit Is possessed and used by each 
user. 

The disk unit of each user can be easily mounted 
In a host to read/write data. Most of data may contain 
5 personal data which must be kept unknown to another 
person. If data stored In the disk unit Is easily 
read/written, data may be Illicitly stolen or be 
destructed. Disk units are advanced for use by 
everyone, but security measures of data stored In the 

10 disk unit are not enough. 

Recently, some disk units can set a password. 
For example, Japanese Patent Lald-Open No. 08-263383 
discloses a disk unit which assumes use by a plurality 
of users and allows setting a plurality of passwords, 

15 usable capacities In correspondence with the respective 
passwords, and the authority for each capacity such as 
only read or both read and write In order to share the 
disk unit between a plurality of users . 

Because of compactness, the disk unit can be 

20 easily taken away. The disk unit can be easily removed 
by any user by operating an eject button attached to 
the disk unit or host apparatus, or Inputting disk unit 
eject designation by using a user Interface (GUI) 
provided by software running on the OS of the host 

25 apparatus. Even a person other than an authentic user 
can easily remove the disk unit, and the disk unit 
Itself may be stolen. Japanese Patent Lald-Open 
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No. 2001-357587 discloses an apparatus which performs 
password authentication In ejecting a disk from a disk 
drive, thereby preventing an unauthorized user who does 
not know the password from taking away the disk. 
5 For example, according to Japanese Patent 

Lald-Open No. 08-263383, the disk unit allows setting a 
plurality of passwords and can be shared between a 
plurality of users. However, this reference does not 
consider any measure against removal. I.e., eject 
10 processing of the disk unit. A person other than a 
plurality of users including an authentic owner may 
eject the disk unit from the host apparatus and take It 
away . 

In Japanese Patent Lald-Open No. 2001-357587, 
15 authentication with a password stored In the disk drive 
Is performed upon disk eject designation. This 
reference does not assume a plurality of disk drive 
users, and when use by another person Is permitted, the 
unique password must be given, which impairs the effect 
20 of the password. The password Is stored and 

authenticated by the disk drive. The disk drive Itself 
Is not portable, and a disk Is ejected and carried 
Instead. If the disk is inserted into another device 
and used, the disk can be used without any 
25 authentication in the new device. Hence, data may be 

illicitly used by another device or destructed. When a 
host apparatus is connected to a LAN (Local Area 
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Network) and a disk drive Is shared on the LAN, the 
disk drive may be ejected and taken away by a person 
other than the user who Inserts and uses the disk 
drive . 

5 Considering the conventional drawbacks, demands 

have arisen for a storage unit capable of reliably 
preventing removal of a disk unit by a person other 
than an authentic user while enabling sharing the disk 
unit between a plurality of users. 

10 

SUMMARY OF THE INVENTION 
According to one aspect of the present Invention, 
there Is provided a storage unit detachable from an 
Information processing apparatus, comprising: storage 

15 means for storing user Information for user 

authentication; authentication means for performing 
authentication processing on the basis of 
authentication Information Input from an Information 
processing apparatus In which the storage unit is 

20 mounted, and user Information stored In the storage 
means; and output means for outputtlng an 
authentication result of the authentication means. 

According to another aspect of the present 
Invention, there Is provided an Information processing 

25 apparatus which allows detaching a storage unit having 
storage means for storing user Information for user 
authentication, authentication means for performing 
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authentication processing on the basis of 
authentication Information Input from the Information 
processing apparatus In which the storage unit Is 
mounted, and user Information stored In the storage 
5 means, and output means for outputtlng an 

authentication result of the authentication means, 
comprising: providing means for providing an Interface 
for causing a user to Input authentication Information 
In executing predetermined processing for the storage 

10 unit; transmission means for transmitting the 

authentication Information Input via the Interface to 
the storage unit; and execution means for executing the 
predetermined processing for the storage unit on the 
basis of the authentication result output from the 

15 output means In response to transmission of the 
authentication Information. 

According to another aspect of the present 
Invention, there Is provided an access control method 
for a storage unit detachable from an Information 

20 processing apparatus, comprising: a registration step 
of registering user Information for user authentication 
In a storage medium arranged In the storage unit; a 
providing step of providing an Interface for causing a 
user to Input authentication Information In executing 

25 predetermined processing for the storage unit; an 
authentication step of causing the storage unit to 
execute authentication processing on the basis of the 
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authentication Information Input via the interface and 
the user Information registered In the registration 
step; and an execution step of executing the 
predetermined processing for the storage unit on the 
5 basis of an authentication result In the authentication 
step. 

Other features and advantages of the present 
Invention will be apparent from the following 
description taken In conjunction with the accompanying 
10 drawings. In which like reference characters designate 
the Scune or similar parts throughout the figures 
thereof . 



BRIEF DESCRIPTION OF THE DRAWINGS 
15 The accompanying drawings, which are Incorporated 

In and constitute a part of the specification. 
Illustrate embodiments of the Invention and, together 
with the description, serve to explain the principles 
of the invention. 
20 Fig. 1 Is a block diagram showing the basic 

arrangement of an information processing apparatus in 
which a portable unit according to an embodiment of the 
present invention can be Inserted, connected, and used; 
Fig. 2 is a block diagram showing the basic 
25 arrangement of the portable unit according to the 
embodiment of the present invention; 

Fig. 3 is a table showing various pieces of 
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Information for user authentication that are stored in 
the portable unit according to the embodiment of the 
present invention ; 

Fig. 4 is a view showing a display example of a 
5 GUI for inputting a user ID and password as user 

authentication in ejecting an HDD unit according to the 
embodiment of the present invention; 

Fig. 5 is a flow chart showing processing 
performed by the portable unit according to the 
10 embodiment of the present invention in ejecting an 
inserted HDD unit; and 

Fig. 6 is a flow chart for explaining utility 
processing by a driver application for an HDD slot that 
is executed in a host computer. 

15 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 
A preferred embodiment of the present invention 
will now be described in detail in accordance with the 
accompanying drawings . 

20 Fig. 1 is a block diagram showing the basic 

arrangement of an information processing apparatus 
serving as a host apparatus in which a portable storage 
unit according to the embodiment of the present 
invention is inserted, connected, and used. The 

25 information processing apparatus shown in Fig. 1 is 

roughly divided into two parts: a motherboard 4 and a 
PCI board 12 connected to it except a keyboard 1, mouse 
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unit) 20 and can be connected to the PCI board 12. The 
HDD units 18 and 19 are connected to the local bus 17 
on the PCI board 12, and can exchange various data. 
Fig. 1 illustrates the internal structure of only one 
5 HDD slot 18 out of the two HDD slots. The other HDD 
slot 19 also has the same structure (not shown in 
Fig. 1). 

The structure of the HDD slot 18 will be 
explained. A slot controller 22 is connected to the 

10 local bus 17 on the PCI board 12, and controls various 
operations within the HDD slot 18. The HDD unit 20 is 
a removable hard disk which can be inserted/removed 
to/from and connected to the HDD slot 18. 

The HDD slot 18 comprises an insertion/removal 

15 detector 24, motor controller 23, and lock mechanism 
21. The insertion/removal detector 24 detects 
insertion/removal of the HDD unit 20 into/from the HDD 
slot 18. The motor controller 23 has a motor which 
performs loading for ejecting the HDD unit 20 from the 

20 HDD slot 18 or correctly connecting the inserted HDD 
unit 20, and a controller which controls the motor. 
The lock mechanism 21 physically latches and locks the 
inserted HDD unit 20 so as not to unintentionally 
remove the inserted HDD unit 20. 

25 The HDD unit 20 will be explained with reference 

to Fig. 2. Fig. 2 is a block diagram showing the basic 
arrangement of the portable storage unit, i.e., the HDD 
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unit 20 according to the embodiment of the present 
Invention. 

The HDD unit 20 comprises a CPU 32 which executes 
various processing programs In the HDD unit 20, a hard 
5 disk 33 which stores various user data, application 
software, and the like, and a FLASH memory 31 which 
stores programs and various data executed by the CPU 32 
as a storage area other than the hard disk 33. The CPU 
32 communicates various data with a host computer 30 

10 serving as a host apparatus as shown In Fig. 1. 

Various data stored In the FLASH memory 31 shown In 
Fig. 2 Include various pieces of user Information to be 
described later with reference to Fig. 3. 

User Information will be described with reference 

15 to Fig. 3. Fig. 3 shows a data structure example of 
user Information stored In the FLASH memory 31 of the 
portable storage unit. I.e., the HDD unit 20 according 
to the embodiment. In the embodiment, pieces of 
Information on for users are registered as user 

20 Identification Information, and "user A", "user B" , 
"user C", and "user D" are pieces of Identification 
Information. The embodiment will exemplify four users, 
but the number of users can be arbitrarily set. In 
order to Identify an Individual, Information such as 

25 the user's name which can specify the user Is generally 
registered and used as Identification information. 
Various pieces of Information are registered and stored 
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In correspondence with pieces of Identification 
information. The embodiment will describe "password 
information", "owner", and "mounter". 

The password Information is used to authenticate 
5 each user for the use of the HDD unit 20 when he/she 
inserts and connects the HDD unit 20 into the host 
computer 30 and uses the HDD unit 20. For example, a 
window which prompts input of identification 
information and a password is displayed on the display 

10 3 of the host computer 30 (1) when the HDD unit is 

inserted and connected, (2) upon the first access to 
the HDD unit, or (3) when mounting of the HDD unit is 
detected upon power-on of the host computer 30. The 
user Inputs his/her identification information and 

15 password from the keyboard 1. In the example of 

Fig. 3, "user A", "user B", "user C", and "user D" are 
pieces of registered identification information, and 
"0123", "4567", "8901", and "2345" are pieces of 
corresponding password information. In the embodiment, 

20 password information is a four- digit number. Another 
number of digits, characters, or authentication data 
using a blometrlc technique such as fingerprint 
authentication may also be adopted. As password 
information, a result of performing predetermined 

25 encryption in the HDD unit 20 may be stored. 

Of pieces of user information, "owner" will be 
explained. "Owner" represents the owner of the HDD 
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unit 20. In general, almost all things including a 
portable storage unit belong to owners. In the 
embodiment, the owner is one "user A", but may be 
another person or a plurality of persons. In the 
5 embodiment, the difference between the owner and a user 
who is not the owner is that a person who manages the 
HDD unit 20 is the owner. When the owner purchases the 
HDD unit 20 and uses it for the first time, he/she 
registers that the HDD unit 20 belongs to him/her. At 

10 this time, owner's identification information and 

password information are also registered and used. The 
owner then registers persons who can share the HDD unit 
20. That is, the owner registers users who can access 
various data stored in the HDD unit 20. The persons 

15 who are registered later are generally users who are 
not the owner. 

"Mounter" will be explained. The mounter is a 
user who is first authenticated and permitted for use 
every time the HDD unit 20 is inserted and connected to 

20 the host computer 30 and used. The mounter is 

registered in identification information by the owner, 
and permitted by the owner to use the HDD unit 20. 
"Mounter" is a user who connects the HDD unit 20 and is 
first authenticated, and is limited to one person. In 

25 the embodiment, "user C" is registered as a mounter. 
Also, a person who is first authenticated when the 
apparatus is powered off and then on while the HDD unit 
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20 is kept connected becomes a mounter. That is, a 
mounter before power- off is not always a mounter . 
"Mounter" is initialized to a state wherein no mounter 
exists upon power-on of the HDD unit 20. A nonvolatile 
5 RAM may be newly arranged to store "mounter" . 

It is possible to store "identification 
information", "password information", and "owner" out 
of pieces of user information in a backed-up 
nonvolatile memory, and store "mounter" in a 

10 nonvolatile RAM or the like. It is also possible to 
store all pieces of user information in the FLASH 
memory 31, and initialize "mounter" under the control 
of the CPU 32 upon power-on, like the embodiment. 

An example in Fig. 4 will be explained. Fig. 4 

15 shows an example of a GUI displayed on the display 3 

via the display controller 8 when the portable storage 
unit, i.e., the HDD unit 20 according to the embodiment 
is ejected from the information processing apparatus 
shown in Fig. 1. The GUI allows confirming whether the 

20 user is authorized to eject and bring out the HDD unit 
20. In ejecting the HDD unit 20, the user inputs 
his/her user ID, i.e., "identification information" in 
a user ID input area 41 and "password information" in a 
password input area 42 in accordance with the GUI shown 

25 in Fig. 4. If the user clicks an "OK" button 43, 

authentication between the pieces of input information 
and pieces of user information stored in the FLASH 
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memory 31 of the HDD unit 20 is executed. If the user 
clicks a "CANCEL" button 44, the eject operation is 
canceled. Movement to each area, and clicking of the 
"OK" button 43 and "CANCEL" button 44 are done with the 
5 mouse 2 . 

The information processing apparatus serving as a 
host apparatus in which the portable storage unit 
according to the embodiment is inserted, connected, and 
used has a basic arrangement shown in Fig. 1. The 

10 portable storage unit (HDD unit 20) according to the 

embodiment has a basic arrangement shown in Fig. 2. An 
example of user information which is stored in the 
portable storage unit according to the embodiment and 
used for user authentication is shown in Fig. 3. The 

15 GUI used for authentication in eject is shown in 
Fig. 4. 

The operation of the host apparatus which 
performs registration of user information in the HDD 
unit, eject designation (eject insruction), and the 

20 like will be explained. A driver application dedicated 
to control the HDD slots 18 and 19 is installed in the 
system memory 5 of the information processing apparatus 
serving as a host apparatus, and controls access to the 
HDD unit 20 inserted/connected to the slot and carrying 

25 of the HDD unit 20. The driver application includes a 
utility which provides user interfaces for input of 
authentication information, user registration, eject 
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designation, and the like. 

Fig. 6 is a flow chart for explaining utility 
processing by the driver application for the HDD slot 
18. If the utility is executed, a menu window (not 
5 shown) for selecting an operation such as "user 

registration" or "eject" is displayed (step S600). If 
"user registration" is designated on the menu window, 
the processing advances from step S601 to step S611 to 
inquire of the CPU 32 of the HDD unit 20 whether user 

10 information has been registered. If NO in step S611, 

the processing advances from step S611 to step S612 to 
present on the display 3 a user interface for 
registering "owner", "use-permitted person 
(identification information and password information)", 

15 and a limitation on an eject operator (eject operator 
limitation information) . The limitation on an eject 
operator (eject operator limitation information) is a 
limitation on execution of eject operation to a 
registrant or a limitation to an owner and mounter (in 

20 this example, any one of "all registrants can eject the 
HDD unit 20", "only the mounter can eject the HDD unit 
20", "only the owner can eject the HDD unit 20", and 
"only the mounter or owner can eject the HDD unit 20"), 
which will be described in detail later. 

25 Identification information, password information, and 
"owner" information input with the user interface are 
transmitted to the HDD unit 20, and stored in the FLASH 
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memory 31 under the control of the CPU 32. Eject 
operator limitation information representing the 
limitation on an eject operator is also stored in the 
FLASH memory 31. 
5 If YES in step S611, one or more use-permitted 

persons and the owner are registered- In step S613, a 
user interface for inputting authentication information 
is presented, and authentication processing is 
performed. If the user is authenticated on the basis 

10 of the identification information and password 

information registered in the user information and is 
"owner", the processing advances from step S614 to step 
S615 to provide a user interface for performing 
use-permitted person update operation (e.g., 

15 addition/delete of identification information and a 
password) and eject operator limitation update 
operation. If NO in step S614, the processing advances 
to step S616 to reject user registration designation. 
If "eject" is designated on the menu, the 

20 processing advances from step S602 to step S621 to 
determine whether to perform authentication (i.e., 
whether the eject operator limitation has been 
registered) . Whether the eject operator is limited can 
be determined by acquiring information on the eject 

25 operator limitation from the HDD unit by polling (to be 
described later). If YES in step S621, the processing 
advances from step S621 to step S622 to present a user 
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Interface as shown In Fig. 4 for Inputting 
authentication Information. In step S623, eject 
designation, and user Information (Identification 
Information and password Information) Input In the user 
5 Interface are transmitted to the HDD unit 20. The 
processing then advances to step S625. 

If NO In step S621, the processing advances to 
step S624 to transmit eject designation. 

In step S625, the processing waits for an eject 

10 enable/disable signal from the HDD unit 20. If eject 
permission Is Input, the HDD slot 18 or 19 Is 
controlled to eject the HDD unit 20 (steps S625 and 
S626). If no eject permission Is Input from the HDD 
unit 20, a message that eject designation Is rejected 

15 Is displayed on the display (step S627)- 

Processes In steps S621 to S62 7 may start upon 
detecting operation on an eject button (not shown) 
arranged on the HDD unit 20 or the HDD slot 18 or 19. 

The utility of the embodiment executes "mounter" 

20 registration processing, in addition to designation by 
selecting operation from the menu. In the embodiment, 
upon access to the HDD unit 20, whether the mounter has 
been registered is determined, and If no mounter Is 
registered, this access is determined as the first 

25 access. As described above, "mounter" is initialized 
upon activation of the apparatus. Upon access to the 
HDD unit 20, whether the mounter has been registered is 
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determined, and if no mounter has been registered, a 
user interface which prompts input of authentication 
information is provided (steps S603 and S631). Whether 
the mounter has been registered can be grasped by 
5 inquiring a mounter registration status from the HDD 
unit 20 by, e.g., polling. If the user is 
authenticated on the basis of identification 
information and password information, the user is 
registered as a mounter, and permitted to access the 

10 HDD unit 20 (steps S632 and S633). If the user is not 
authenticated, the access is rejected (step S634). In 
access rejection in steps S616 and S634, a message to 
this effect may be displayed on the display 3. 

Processing in the portable storage unit when the 

15 portable storage unit (HDD unit 20) inserted into the 
information processing apparatus is physically ejected 
in response to the above-mentioned eject designation 
will be explained. 

As described above, when the HDD unit 20 inserted 

20 and connected to either of the HDD slots 18 and 19 is 

to be ejected, the operator inputs eject designation of 
the HDD unit by using the mouse 2 , keyboard 1 , or the 
like. The input eject designation is input to the host 
CPU 6 via the input controller 7. Alternatively, the 

25 eject button (not shown) of the HDD unit 20 is pressed 
to notify the host CPU 6 of the eject designation via 
the slot controller 22, PCI bridge 13, and host bridge 
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10. The host CPU 6 detects the eject designation, and 
if necessary, performs authentication of the connected 
HDD unit 20 in order to confirm whether the operator is 
authorized to eject and bring out the HDD unit 20. 
5 The host computer 30 polls the HDD unit 20 and 

acquires various pieces of information in advance in 
order to recognize the type of connected HDD unit 20, 
its function, and its registration status. If the host 
computer 30 serving as a host apparatus detects that 

10 the user is limited, the GUI shown in Fig. 4 is 

displayed on the display 3 via the display controller 8 
in order to confirm whether the operator is permitted 
to eject the HDD unit 20. The operator uses the 
keyboard 1 to input his or her user ID, i.e., 

15 identification information in the user ID input area 41 
and password information in the password input area 42, 
and uses the mouse 2 to click the "OK" button 43. In 
response to this, authentication with pieces of user 
information stored in the FLASH memory 31 of the HDD 

20 unit 20 is performed (S621 to S623). 

The user ID, i.e., identification information and 
password information input via the GUI shown in Fig. 4 
are transmitted to the HDD unit 20 via the host bridge 
10, PCI bridge 13, and slot controller 22 together with 

25 eject designation (S623). The CPU 32 of the HDD unit 
20 which has received the eject designation determines 
whether to eject in accordance with the flow chart 



- 19 - 



shown in Fig. 5. 

A flow of determining whether to permit eject 
upon reception of eject designation by the CPU 32 of 
the HDD unit 20 will be explained with reference to the 
5 flow chart of Fig. 5. 

Upon reception of eject designation from the host 
computer 30 serving as a host apparatus, the HDD unit 
20 checks whether the current mode is a mode in which 
the user is limited (in this case, the eject operator 

10 is limited) (step S501). Whether to limit the user is 
registered and stored in the FLASH memory 31 in 
advance. In this example, the eject operator is 
limited to any one of "all registrants can eject the 
HDD unit 20", "only the mounter can eject the HDD unit 

15 20", "only the owner can eject the HDD unit 20", and 

"only the mounter or owner can eject the HDD unit 20". 
If no identification information has been registered, 
user limitation may be determined not to be performed. 
If NO in step S501, the HDD unit 20 shifts to a 

20 state in which connection to the host computer 30 
serving as a host apparatus can be canceled. For 
example, the HDD unit 20 performs end processing such 
as retreat of a cache memoiry (not shown), and shifts to 
a state in which the HDD unit can be powered off by 

25 eject without any problem. The HDD unit 20 notifies 
the host computer 30 that the HDD unit 20 can be 
ejected (step S510). The host computer 30 which has 
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received the notification that the HDD unit 20 can be 
ejected unlocks the HDD unit 20 by the lock mechanism 
21 via the slot controller 22 of the designated HDD 
slot 18. The host computer 30 operates the motor 
5 controller 23, and ejects the designated/permitted HDD 
unit 20, 

If YES in step S501, identification information 
and password information of the eject-designating user 
that are transmitted successively to the eject 

10 designation are received (step S502). A user ID and 

password input via the GUI shown in Fig, 4 are received 
as identification information and password information, 
respectively . 

Whether the received identification information 

15 and password information coincide with identification 
information and password information registered in the 
FLASH memory 31 is determined (step S503). In the 
example of Fig. 3, "user A", "user B" , "user C", and 
"user D" are pieces of registered identification 

20 information, and "0123", "4567", "8901", and "2345" are 
pieces of corresponding password information. If 
information encrypted by predetermined cryptography is 
registered as password information, the received 
password also similarly undergoes the predetermined 

25 cryptography, and the result is compared with the 
registered password information. 

If it is determined in step S503 that 
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identification information and password information 
which coincide with the received identification 
information and password information are not registered 
in the FLASH memory 31, the host computer 30 serving as 
5 a host apparatus is notified that eject is inhibited 
and not permitted (step S509). The host computer 30 
which has received the notification that eject is 
inhibited does not eject the designated HDD unit 20 • 
Although not shown, the host computer 30 may display on 

10 the display 3 using a GUI a message that eject is not 
permitted, or notify the user of a message to this 
effect by error sound or the like. 

If YES in step S503, the user who is permitted 
for eject is confirmed on the basis of eject operator 

15 limitation information. As the eject operator 

limitation information according to the embodiment, 
four types: "all registrants can eject the HDD unit 
20", "only the mounter can eject the HDD unit 20", 
"only the owner can eject the HDD unit 20", and "only 

20 the mounter or owner can eject the HDD unit 20" can be 
set, and any one of them is set. Whether "all 
registrants can eject the HDD unit 20" has been 
registered is checked (step S504). 

If YES in step S504, the resistant has already 

25 been confirmed in step S503, and the processing 

advances to step 8510 to perform predetermined end 
processing. The host computer 30 serving as a host 
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apparatus is notified that eject is permitted. The 
host computer 30 which has received the notification 
that eject is permitted unlocks the HDD unit 20 by the 
lock mechanism 21 via the slot controller 22 of the 
5 designated HDD slot 18. The host computer 30 operates 
the motor controller 23, and ejects the 
designated/permitted HDD unit 20 (S626). 

If NO in step S504, whether the mounter can eject 
the HDD unit 20 is checked (step S505). That is, if 

10 "only the mounter can eject the HDD unit 20" or "only 
the mounter or owner can eject the HDD unit 20" has 
been registered, whether the identification information 
and password information received in step S502 are 
those of the mounter is checked (step S506). 

15 In the example of Fig. 3, the mounter is "user 

C" • If "user C" designates eject, the user is the 
mounter, and the processing advances to step S510 to 
perform predetermined end processing. The host 
computer 30 serving as a host apparatus is notified 

20 that eject is permitted. The host computer 30 which 
has received the notification that eject is permitted 
unlocks the HDD unit 20 by the lock mechanism 21 via 
the slot controller 22 of the designated HDD slot 18. 
The host computer 30 operates the motor controller 23, 

25 and ejects the designated/permitted HDD unit 20 (S626). 

If NO in step S505 or S506, whether the owner can 
eject the HDD unit 20 is checked (step S507). That is. 
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if "only the owner can eject the HDD unit 20" or "only 
the mounter or owner can eject the HDD unit 20" has 
been registered, whether the identification information 
and password information received in step S502 are 
5 those of the mounter is checked (step S508). 

In the example of Fig. 3, the owner is "user A". 
If "user A" designates eject, the user is the owner, 
and the processing advances to step S510 to perform 
predetermined end processing. The host computer 30 

10 serving as a host apparatus is notified that eject is 

permitted. The host computer 30 which has received the 
notification that eject is permitted unlocks the HDD 
unit 20 by the lock mechanism 21 via the slot 
controller 22 of the designated HDD slot 18. The host 

15 computer 30 operates the motor controller 23, and 

ejects the designated/permitted HDD unit 20 (S626). 

If NO in step S507 or S508, the host computer 30 
serving as a host apparatus is notified that eject is 
inhibited and not pejnnitted (step S509). 

20 The host computer 30 which has received the 

notification that eject is inhibited does not eject the 
HDD unit 20. Although not shown, the host computer 30 
may display on the display 3 using a GUI a message that 
eject is not permitted, or notify the user of a message 

25 to this effect by error sound or the like. 

Processing by the CPU 32 in the HDD unit 20 upon 
eject designation to the HDD unit 20 has been 
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described. 

The embodiment has described the use of a 
removable hard disk. The present invention can also be 
applied to another storage unit such as a flexible disk 
5 or memory stick, or another portable storage unit. 

The embodiment has described operation of 
ejecting the HDD unit 20 inserted into the HDD slot 18. 
The operation of ejecting another HDD unit 20 inserted 
into the HDD slot 19 is also the seime. That is, the 
10 above-described processing is executed in eject at each 
slot . 

Different pieces of user information such as 
identification information and password information can 
be registered for different HDD units 20. 

15 Various pieces of user information are stored in 

the FLASH memory 31 in the embodiment, but may also be 
stored in the hard disk 33. 

As described above, according to the embodiment, 
a portable storage unit is inserted into a host 

20 apparatus. Authentication information for determining 
whether to permit /inhibit access to the portable 
storage unit used upon connection is stored not in the 
host apparatus but in the portable storage unit. The 
portable storage unit performs authentication for eject 

25 designation (i.e., whether the user is permitted for 
eject) on the basis of identification information and 
password information which are input from the host 
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apparatus. This can prevent a user not intended by the 
owner from removing the portable storage unit. 

According to the embodiment, limitations on an 
eject permittee can be flexibly set such that (1) all 
5 users whose information is stored in the portable 

storage unit (users whose identification information 
and password information are registered) are permitted 
to eject the portable storage unit, (2) a user who is a 
mounter is permitted to eject the portable storage 

10 unit, or (3) a user who is an owner is permitted to 
eject the portable storage unit. 

The object of the present invention is also 
achieved when a storage medium which records software 
progreun codes for realizing the functions of the 

15 above -described embodiment is supplied to a system or 
apparatus, and the computer (or the CPU or MPU) of the 
system or apparatus reads out and executes the program 
codes stored in the storage medium. 

In this case, the program codes read out from the 

20 storage medium realize the functions of the 

above -described embodiment, and the storage medium which 
stores the program codes constitutes the present 
invention. 

The storage medium for supplying the program codes 
25 includes a floppy disk, hard disk, optical disk, 
magnetooptical disk, CD-ROM, CD-R, magnetic tape, 
nonvolatile memory card, and ROM. 
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The functions of the above -de scribed embodiment 
are realized when the computer executes the readout 
program codes. Also, the functions of the 
above-described embodiment are realized when an OS 
5 (Operating System) or the like running on the computer 
performs part or all of actual processing on the basis 
of the instructions of the program codes. 

The functions of the above -de scribed embodiment 
are also realized when the program codes read out from 

10 the storage mediiun are written in the memory of a 

function expansion board inserted into the computer or 
the memory of a function expansion unit connected to the 
computer, and the CPU of the function expansion board or 
function expansion unit performs part or all of actual 

15 processing on the basis of the instructions of the 
program codes. 

As has been described above, the present 
invention can reliably prevent removal of a disk unit 
by a person other than an authentic user while enabling 

20 sharing the disk unit between a plurality of users. 

As many apparently widely different embodiments 
of the present invention can be made without departing 
from the spirit and scope thereof, it is to be 
understood that the invention is not limited to the 

25 specific embodiments thereof except as defined in the 
claims . 
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